CVE-2025-50488
Severity
7.1HIGH
EPSS
0.1%
top 79.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 28
Description
Improper session invalidation in the component /library/change-password.php of PHPGurukul Online Library Management System v3.0 allows attackers to execute a session hijacking attack.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:NExploitability: 2.8 | Impact: 4.2